2021 hw

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

PoC memory injection detection agent based on ETW, for offensive and defensive research purposes

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

Scan files or process memory for CobaltStrike beacons and parse their configuration

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Access without a real handle

Self-hosted, lightweight server and website monitoring and O&M tool

渗透测试，渗透测试小技巧，渗透测试Tips，师傅们跟我一起维护更新吧~

适用于weblogic和Tomcat的无文件的内存马(memshell)

Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality

dll转shellcode工具

绕3环的shellcode免杀框架

Materials for Windows Malware Analysis training (volume 1)

Defeating Windows User Account Control

免杀技术大杂烩---乱拳也打不死老师傅

ABUSING WINDOWS TELEMETRY FOR PERSISTENCE

Cross-platform, low level networking using the Rust programming language.

A small library to modify all page-table levels of all processes from user space for x86_64 and ARMv8.

PowerShell Scripts I find useful

Reverse Engineer's Toolkit

Alternative Shellcode Execution Via Callbacks

整理的一些默认用户名/密码清单,Excel表

IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)

PoC MSVC COFF Object file loader/injector.

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

A zero-allocation no_std-compatible zero-cost way to add color to your Rust terminal

Run applications through VPN tunnels with temporary network namespaces

A Android RAT with lots of features , check README for more information.